support for TLS channel bindings
@danw
Submitted by Dan Winship Link to original bug (#636575)
Description
gio TLS should eventually support channel bindings, to integrate SASL and other types of authentication with TLS.
However, AFAICT gnutls 2.10 does not have sufficient support for this, so we need to wait for gnutls 2.12 to come out anyway.
The API will probably be something like:
typedef enum {
  G_TLS_CHANNEL_BINDING_TLS_UNIQUE,
  G_TLS_CHANNEL_BINDING_TLS_SERVER_END_POINT,
  G_TLS_CHANNEL_BINDING_TLS_UNIQUE_FOR_TELNET
} GTlsChannelBindingType;

/* Call this before the handshake to alert the backend to save the
 * appropriate channel binding data. */
void g_tls_connection_set_channel_binding_type (GTlsConnection         *conn,
                                                GTlsChannelBindingType  type);

/* Call this after the handshake to get the data. */
GByteArray *g_tls_connection_get_channel_binding_data (GTlsConnection *conn);
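As an added illustration (not part of the original report and not GLib code), this is how a SASL SCRAM mechanism (RFC 5802) would consume the bytes such an API returns: the client sends `c=base64(gs2-header || cb-data)`, and the server recomputes it from its own side of the TLS connection, so a TLS-terminating man-in-the-middle produces a mismatch. The names `scram_cbind_attr` and `scram_cbind_verify` are hypothetical, and the sketch compares encoded values rather than decoding the client's attribute.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* RFC 4648 base64 of in[0..n); out must hold 4*((n+2)/3)+1 bytes. */
static void b64_encode(const uint8_t *in, size_t n, char *out)
{
    static const char tbl[] =
        "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
    size_t i, o = 0;
    for (i = 0; i < n; i += 3) {
        uint32_t v = (uint32_t)in[i] << 16;
        if (i + 1 < n) v |= (uint32_t)in[i + 1] << 8;
        if (i + 2 < n) v |= in[i + 2];
        out[o++] = tbl[(v >> 18) & 63];
        out[o++] = tbl[(v >> 12) & 63];
        out[o++] = (i + 1 < n) ? tbl[(v >> 6) & 63] : '=';
        out[o++] = (i + 2 < n) ? tbl[v & 63] : '=';
    }
    out[o] = '\0';
}

/* Client side: value of the SCRAM "c=" attribute, base64(gs2_header || cb).
 * Returns 0 on success, -1 if the input or output buffer is too small. */
int scram_cbind_attr(const char *gs2_header, const uint8_t *cb, size_t cb_len,
                     char *out, size_t out_len)
{
    uint8_t buf[256];
    size_t hlen = strlen(gs2_header);
    if (hlen > sizeof buf || cb_len > sizeof buf - hlen ||
        out_len < 4 * ((hlen + cb_len + 2) / 3) + 1)
        return -1;
    memcpy(buf, gs2_header, hlen);
    if (cb_len) memcpy(buf + hlen, cb, cb_len);
    b64_encode(buf, hlen + cb_len, out);
    return 0;
}

/* Server side: recompute the attribute from the binding data of the server's
 * own TLS connection and compare without an early exit. Returns 1 on match. */
int scram_cbind_verify(const char *client_attr, const char *gs2_header,
                       const uint8_t *server_cb, size_t cb_len)
{
    char expect[352];
    unsigned char diff = 0;
    size_t i, n;
    if (scram_cbind_attr(gs2_header, server_cb, cb_len, expect, sizeof expect))
        return 0;
    n = strlen(expect);
    if (strlen(client_attr) != n) return 0;
    for (i = 0; i < n; i++) diff |= (unsigned char)(client_attr[i] ^ expect[i]);
    return diff == 0;
}
```

With no channel binding the GS2 header is `n,,`, which encodes to the familiar `c=biws`; with `p=tls-unique,,` the attribute only verifies when both endpoints observed the same TLS session.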